30 July 2018
Companies need to consider what technical measures they can take in an effort to adhere to the data subject's right to erasure, or 'right to be forgotten'. Anonymisation ensures that the anonymised data is no longer identifiable to a person. Therefore, it is no longer considered personal data under…27 July 2018
How much Cyber Insurance is enough? If, like us, you think that paying more will guarantee greater safety then you may well be right. I put an emphasis on may, because cyber coverage is still largely unknown by consumers and difficult to place by underwriters. If, as an organisation, you do…27 July 2018
The new European data legislation or GDPR requires a balance between the needs of the many and the needs of the individual. The benefits and risks of using personal data splits opinion particularly within the medical research sector. 'Big data' can digest previously unimaginable quantities of information and uncovers previously-unforeseen…26 July 2018
Data protection is a term to over-arch the mitigation against failures in protection (confidentiality), accuracy (integrity) and access (availability) that can cause an impact to data subjects and ultimately, your business. Compliance is about the governance of the GDPR, and non-technical measures to adopt and adapt. Risk-assessments enable the…26 July 2018
The legal requirements pertaining to surveillance and personal cameras are contained within the code of practice issued by the ICO. Surveillance is now a proactive technology which can identify people and keep detailed records of activities. As a consequence of the greater use of personal surveillance, the Protection of Freedoms…26 July 2018
A Subject Access Request (SAR) is a written request from an individual, in relation to their access to information, which they are entitled to ask for under the Data Protection Act. There has been some debate on what must be included in an SAR: Recently in relation to the inclusion…26 July 2018
A Data Protection Impact Assessment (DPIA) is a procedure which assists you in detecting and minimising data protection risks of a project. You should always complete a DPIA when undertaking tasks of a high risk, usually new tasks or projects. In order to conduct an assessment, you can utilize certain…25 July 2018
Supporting GDPR Gap Analysis and Audits There are various tools out there which cover essential elements on a data project, such as data discovery, data mapping and data lineage. Meanwhile, gap analyses tend to be performed by traditional auditing methods, such as reviewing the organisational and process documents and…25 July 2018
Does a data processor need to be informed when a data controller deletes data? A Data Processor only needs to be informed if the Data Controller is in need of support, in regard to undertaking the right to be forgotten. Although, it is important for a data controller to…24 July 2018
The minimum information needed for a processor to comply with its legal responsibilities, and for the controller to comply with Article 28, is to specify whether the data includes special categories of personal data, this raises the risk profile of the data set. For Personal Data that does not fall…To find how our friendly and knowledgeable solicitors can help you, contact us today.
Make a free enquiry - Call now - 0151 659 1070
